Your message dated Thu, 15 Nov 2007 21:02:12 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#451385: fixed in samba 3.0.27-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: samba
Version: 3.0.24-6etch4
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for samba.
CVE-2007-5398:
| Secunia Research has discovered a vulnerability in Samba, which can be
| exploited by malicious people to compromise a vulnerable system.
|
| The vulnerability is caused due to a boundary error within the
| "reply_netbios_packet()" function in nmbd/nmbd_packets.c when sending
| NetBIOS replies. This can be exploited to cause a stack-based buffer
| overflow by sending multiple specially crafted WINS "Name Registration"
| requests followed by a WINS "Name Query" request.
|
| Successful exploitation allows execution of arbitrary code, but
| requires that Samba is configured to run as a WINS server (the "wins
| support" option is enabled).
This information is from:
http://secunia.com/secunia_research/2007-90/advisory/
Mitre has not yet published it, but it will be available later on [0].
Please also see: http://us1.samba.org/samba/security/CVE-2007-4572.html
and
http://us1.samba.org/samba/ftp/patches/security/samba-3.0.26a-CVE-2007-5398.patch
for the patch.
If you fix this vulnerability please also include the CVE id
in your changelog entry.
For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5398
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
--- End Message ---
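An exposure check that captures the two conditions in the advisory quoted above, added here as an example (it is not part of the bug report, of Samba, or of the Debian packages): the reply_netbios_packet() flaw is reachable only when "wins support" is enabled in [global], and upstream carries the fix from 3.0.27 onwards. All function names and the sample smb.conf are this example's own constructions.

```python
import re
# Samba accepts these spellings for a true boolean parameter (case-insensitive).
_TRUE_VALUES = {"yes", "true", "1"}
# Upstream release carrying the reply_netbios_packet() fix, per the thread.
FIXED_UPSTREAM = (3, 0, 27)
# Constructed sample smb.conf, not taken from any real host.
SAMPLE_SMB_CONF = """\
; constructed sample
[global]
   workgroup = EXAMPLE
   Wins Support = Yes
[homes]
   browseable = no
"""
def parse_smb_conf(text):
    """Parse smb.conf into {section: {key: value}}. Keys are lowercased with whitespace
    removed, mirroring Samba's parameter matching; lines starting ';' or '#' are comments."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            sections[current]["".join(key.lower().split())] = value.strip()
    return sections

def wins_server_enabled(sections):
    """True when [global] enables "wins support", the CVE-2007-5398 precondition."""
    return sections.get("global", {}).get("winssupport", "no").lower() in _TRUE_VALUES

def upstream_version(version):
    """(major, minor, patch) from strings such as "3.0.24-6etch4" or "3.0.26a"."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError("unrecognised Samba version: %r" % version)
    return tuple(int(x) for x in m.groups())

def cve_2007_5398_exposure(smb_conf_text, samba_version):
    """Return (exposed, reason). True means "check the package changelog for
    CVE-2007-5398": distributions backport fixes without bumping upstream."""
    if not wins_server_enabled(parse_smb_conf(smb_conf_text)):
        return False, "wins support disabled; reply_netbios_packet() flaw not reachable"
    if upstream_version(samba_version) >= FIXED_UPSTREAM:
        return False, "upstream %s includes the fix" % samba_version
    return True, "WINS server enabled on pre-3.0.27 nmbd; verify backport or upgrade"
```

A True result is a prompt to read the package changelog for the CVE id, as the report asks maintainers to record it, because stable distributions backport fixes under older upstream version numbers.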
--- Begin Message ---
Source: samba
Source-Version: 3.0.27-1
We believe that the bug you reported is fixed in the latest version of
samba, which is due to be installed in the Debian FTP archive:
libpam-smbpass_3.0.27-1_amd64.deb
to pool/main/s/samba/libpam-smbpass_3.0.27-1_amd64.deb
libsmbclient-dev_3.0.27-1_amd64.deb
to pool/main/s/samba/libsmbclient-dev_3.0.27-1_amd64.deb
libsmbclient_3.0.27-1_amd64.deb
to pool/main/s/samba/libsmbclient_3.0.27-1_amd64.deb
samba-common_3.0.27-1_amd64.deb
to pool/main/s/samba/samba-common_3.0.27-1_amd64.deb
samba-dbg_3.0.27-1_amd64.deb
to pool/main/s/samba/samba-dbg_3.0.27-1_amd64.deb
samba-doc-pdf_3.0.27-1_all.deb
to pool/main/s/samba/samba-doc-pdf_3.0.27-1_all.deb
samba-doc_3.0.27-1_all.deb
to pool/main/s/samba/samba-doc_3.0.27-1_all.deb
samba_3.0.27-1.diff.gz
to pool/main/s/samba/samba_3.0.27-1.diff.gz
samba_3.0.27-1.dsc
to pool/main/s/samba/samba_3.0.27-1.dsc
samba_3.0.27-1_amd64.deb
to pool/main/s/samba/samba_3.0.27-1_amd64.deb
samba_3.0.27.orig.tar.gz
to pool/main/s/samba/samba_3.0.27.orig.tar.gz
smbclient_3.0.27-1_amd64.deb
to pool/main/s/samba/smbclient_3.0.27-1_amd64.deb
smbfs_3.0.27-1_amd64.deb
to pool/main/s/samba/smbfs_3.0.27-1_amd64.deb
swat_3.0.27-1_amd64.deb
to pool/main/s/samba/swat_3.0.27-1_amd64.deb
winbind_3.0.27-1_amd64.deb
to pool/main/s/samba/winbind_3.0.27-1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Steve Langasek <[EMAIL PROTECTED]> (supplier of updated samba package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
Format: 1.7
Date: Thu, 15 Nov 2007 11:46:17 -0800
Source: samba
Binary: samba-doc-pdf samba-doc libsmbclient libpam-smbpass swat winbind
smbclient samba libsmbclient-dev samba-common samba-dbg smbfs
Architecture: source amd64 all
Version: 3.0.27-1
Distribution: unstable
Urgency: low
Maintainer: Debian Samba Maintainers <[EMAIL PROTECTED]>
Changed-By: Steve Langasek <[EMAIL PROTECTED]>
Description:
libpam-smbpass - pluggable authentication module for SMB/CIFS password database
libsmbclient - shared library that allows applications to talk to SMB/CIFS serve
libsmbclient-dev - libsmbclient static libraries and headers
samba - a LanManager-like file and printer server for Unix
samba-common - Samba common files used by both the server and the client
samba-dbg - Samba debugging symbols
samba-doc - Samba documentation
samba-doc-pdf - Samba documentation (PDF format)
smbclient - a LanManager-like simple client for Unix
smbfs - mount and umount commands for the smbfs (for kernels >= than 2.2.
swat - Samba Web Administration Tool
winbind - service to resolve user and group information from Windows NT ser
Closes: 346547 443230 444054 449422 450738 451270 451272 451385
Changes:
samba (3.0.27-1) unstable; urgency=low
.
* New upstream version
- fixes a remote code execution vulnerability when running nmbd as a
WINS server. (CVE-2007-5398; closes: #451385)
- fixes a buffer overflow in nmbd when running as a domain controller
during processing of GETDC logon server requests. (CVE-2007-4572)
.
[ Steve Langasek ]
* fhs.patch: net usershares should also be stored under /var/lib, not under
/var/run. No transition handling in maintainer scripts, since this
feature is not activated by default.
* get_global_sam_sid-non-root.patch: avoid calling get_global_sam_sid()
from smbpasswd -L or pam_smbpass when running as non-root, to avoid a
foreseeable panic. Closes: #346547, #450738.
* usershare.patch: enable "user shares" by default in the server with a
default limit of 100, to support user shares on both upgrades and new
installs with no need to munge config files. Thanks to Mathias Gug
<[EMAIL PROTECTED]> for the patch. Closes: #443230.
* On Ubuntu, support autopopulating the sambashare group using the existing
members of the admin group; no equivalent handling is done on Debian,
because there doesn't seem to be an appropriate template group we can use
that wouldn't be considered a privilege escalation for those users.
* Update Samba to explicitly use the C locale when doing password changes,
to account for Linux-PAM's recently adopted i18n support.
Closes: #451272.
* Enforce creation of the pid directory (/var/run/samba) in the samba
init script, for compatibility with systems that use a tmpfs for
/var/run. Closes: #451270.
* debian/patches/cups.patch, debian/NEWS: drop the patch to force bsd
as the default printing system, as CUPS is now the dominant/default
printing system for Linux.
.
[ Debconf translations ]
* Hebrew added. Closes: #444054
.
[ Christian Perrier ]
* Split fhs.patch into 3 separate patches to make upstream integration
easier:
- fhs-newpaths.patch: introduce new paths
- fhs-filespaths.patch: assign files to new paths
- fhs-assignpaths.patch: assign paths to FHS-compatible locations
* Compile with DNS update support. Thanks to Matthias Gug for
reporting and contributions from Launchpad's #156686.
Closes: #449422
Files:
--- End Message ---